Pwn2Own hacking contest pays $1 million for WhatsApp exploit
The Zero Day Initiative is offering a $1 million reward to security researchers who will demonstrate a zero-click WhatsApp exploit at its upcoming Pwn2Own Ireland…
Author: Cybernoz
Threat Actors Exploit Proofpoint and Intermedia Link Wrapping to Conceal Phishing Payloads
Cybercriminals are increasingly exploiting link wrapping features from vendors like Proofpoint and Intermedia to mask malicious payloads, leveraging the inherent trust users place in these…
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
Aug 01, 2025Ravie LakshmananThreat Intelligence / Ransomware The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is…
CISA Issues ICS Advisories for Rockwell Automation, VMware, and Güralp Seismic Monitoring Systems
CISA released two high-severity Industrial Control Systems (ICS) advisories on July 31, 2025, highlighting critical vulnerabilities in widely deployed industrial equipment that could enable remote…
Microsoft to Block External Workbook Links to Unsafe File Types by Default
Microsoft announced a significant security enhancement for Excel users, revealing plans to block external workbook links to unsafe file types by default starting in October…
Threat Actors Abuse Proofpoint’s and Intermedia’s Link Wrapping Features to Hide Phishing Payloads
The latest wave of credential-phishing campaigns has revealed an unexpectedly convenient ally for threat actors: the very e-mail security suites meant to protect users. First…
CISA released Thorium platform to support malware and forensic analysis
CISA released Thorium platform to support malware and forensic analysis Pierluigi Paganini August 01, 2025 CISA releases Thorium, an open-source tool for malware and forensic…
Solving the challenges of a bug bounty program manager (BBPM). Strategic execution for security leaders.
As more organizations lean on third-party platforms, cloud infrastructure, and remote development teams, the attack surface grows, often faster than internal security teams can manage.…
AI Engine Plugin Flaw Exposes 100K Sites To RCE Risk
A security flaw affecting over 100,000 WordPress websites has been discovered in the AI Engine plugin, specifically impacting versions 2.9.3 and 2.9.4. The vulnerability, classified…
ChatGPT Conversations are Being Indexed by Search Engines!
ChatGPT shared conversations are being indexed by major search engines, effectively turning private exchanges into publicly discoverable content accessible to millions of users worldwide. The…
Open-Source Malware and Forensics Tool Now Public
The Cybersecurity and Infrastructure Security Agency (CISA) has made a significant contribution to the cybersecurity community by publicly releasing Thorium, a powerful open-source platform designed…
Smart steps to keep your AI future-ready
In this Help Net Security interview, Rohan Sen, Principal, Cyber, Data, and Tech Risk, PwC US, discusses how organizations can design autonomous AI agents with…